package com.springboot.framework.aspect;

import com.springboot.framework.annotation.ACS;
import com.springboot.framework.enums.Errors;
import com.springboot.framework.enums.StatusEnum;
import com.springboot.framework.exception.BusinessException;
import com.springboot.framework.model.UserModel;
import com.springboot.framework.service.UserSessionService;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

/**
 * @author SWF
 * @date 2019/6/24 10:12
 **/
@Aspect
@Component
@Slf4j
public class AuthorizeAspect {

    @Resource
    private UserSessionService userSessionService;

    @Pointcut("execution(public * com.springboot.framework.controller.Admin*.*(..))")
    public void verifyAdmin(){};

//    @Pointcut("execution(public * com.springboot.framework.controller.Seller*.*(..))")
//    public void verifySeller(){};

    @Before("verifyAdmin()")
    public void doVerifyAdmin(JoinPoint joinPoint){
//        log.info("-----权限验证-----");
//        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
//        HttpServletRequest request = requestAttributes.getRequest();
//        //权限校验
//        UserModel userModel = getLoginStatus(request);
//        if (!StatusEnum.ADMIN.getCode().equals(userModel.getUserType())) {
//            log.info("【越权操作】用户：{}，操作uri：{}，用户权限：{}",userModel.getId(),request.getRequestURI(),userModel.getUserType());
//            throw new BusinessException(Errors.SYSTEM_NO_ACCESS);
//        }
    }

    @Before("execution(public * com.springboot.framework.controller.Seller*.*(..)) && !@annotation(com.springboot.framework.annotation.ACS)")
    public void doVerifySeller(JoinPoint joinPoint){
       // SystemLog systemLog = ((MethodSignature)joinPoint.getSignature()).getMethod().getAnnotation(SystemLog.class);
        log.info("-----权限验证-----");
        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = requestAttributes.getRequest();
        //权限校验
        UserModel userModel = getLoginStatus(request);
        if (!StatusEnum.SELLER_USER.getCode().equals(userModel.getUserType())) {
            log.info("【越权操作】用户：{}，操作uri：{}，用户权限：{}",userModel.getId(),request.getRequestURI(),userModel.getUserType());
            throw new BusinessException(Errors.SYSTEM_NO_ACCESS);
        }
    }


    private UserModel getLoginStatus(HttpServletRequest request){
        // 缓存获取验证
        UserModel userModel = userSessionService.getSessionUser(request);
        if (userModel == null) {
            throw new BusinessException(Errors.SYSTEM_NOT_LOGIN);
        }
        return userModel;
    }

}
